
Example 6 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project wildfly by wildfly.

the class WSTrustTestUtils method setupWsseAndSTSClientActAs.

/**
 * Prepares a JAX-WS proxy for a WS-Trust request that carries an "ActAs" token.
 *
 * <p>The proxy's request context receives the WS-Security callback handler, the
 * signature and encryption crypto properties with their key aliases, a username-token
 * string for the identity to act as, and a new {@link STSClient} that holds its own
 * user name, callback handler and crypto settings.
 *
 * <p>Every identity, the password and all key aliases are literals in this method,
 * so it is a fixture for the integration tests and not a template for deployed code.
 * Whether the STS authorizes the requesting user to act as the named identity is
 * decided on the STS side and is not visible here.
 *
 * @param proxy client proxy whose request context is populated
 * @param bus CXF bus used to construct the {@link STSClient}
 */
public static void setupWsseAndSTSClientActAs(BindingProvider proxy, Bus bus) {
    final Map<String, Object> requestContext = proxy.getRequestContext();

    // All four crypto settings below point at the same classpath resource.
    // getResource returns null when the file is absent; that null would be stored
    // as the property value because this method does not check for it.
    final String keystoreProps = "META-INF/clientKeystore.properties";
    final ClassLoader tccl = Thread.currentThread().getContextClassLoader();

    // Message-level security between this client and the target service.
    requestContext.put(SecurityConstants.CALLBACK_HANDLER, new ClientCallbackHandler());
    requestContext.put(SecurityConstants.ENCRYPT_PROPERTIES, tccl.getResource(keystoreProps));
    requestContext.put(SecurityConstants.ENCRYPT_USERNAME, "myactaskey");
    requestContext.put(SecurityConstants.SIGNATURE_PROPERTIES, tccl.getResource(keystoreProps));
    requestContext.put(SecurityConstants.SIGNATURE_USERNAME, "myclientkey");

    // The ActAs value is a username token built for "alice" with a literal password.
    final UsernameTokenCallbackHandler tokenBuilder = new UsernameTokenCallbackHandler();
    final String actAsToken = tokenBuilder.getUsernameTokenString("alice", "clarinet");
    requestContext.put(SecurityConstants.STS_TOKEN_ACT_AS, actAsToken);

    // The STS client is configured with "bob" as its user name, i.e. a different
    // identity from the one named in the ActAs token.
    final STSClient sts = new STSClient(bus);
    final Map<String, Object> stsProps = sts.getProperties();
    stsProps.put(SecurityConstants.USERNAME, "bob");
    stsProps.put(SecurityConstants.CALLBACK_HANDLER, new ClientCallbackHandler());
    stsProps.put(SecurityConstants.ENCRYPT_PROPERTIES, tccl.getResource(keystoreProps));
    stsProps.put(SecurityConstants.ENCRYPT_USERNAME, "mystskey");
    stsProps.put(SecurityConstants.STS_TOKEN_USERNAME, "myclientkey");
    stsProps.put(SecurityConstants.STS_TOKEN_PROPERTIES, tccl.getResource(keystoreProps));
    stsProps.put(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO, "true");

    requestContext.put(SecurityConstants.STS_CLIENT, sts);
}
Also used : STSClient(org.apache.cxf.ws.security.trust.STSClient) ClientCallbackHandler(org.jboss.as.test.integration.ws.wsse.trust.shared.ClientCallbackHandler) UsernameTokenCallbackHandler(org.jboss.as.test.integration.ws.wsse.trust.shared.UsernameTokenCallbackHandler)

Example 7 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project wildfly by wildfly.

the class WSTrustTestUtils method setupWsseAndSTSClientHolderOfKey.

/**
 * Prepares a JAX-WS proxy and a fresh {@link STSClient} for the holder-of-key test.
 *
 * <p>Unlike a setup that writes into {@code stsClient.getProperties()}, the STS-related
 * settings here are stored in the proxy's request context under keys produced by
 * {@code appendIssuedTokenSuffix}; the {@link STSClient} itself is created from the bus
 * and attached without any properties of its own.
 *
 * <p>The user name and key aliases are literals, so this is a test fixture only.
 *
 * @param proxy client proxy whose request context is populated
 * @param bus CXF bus used to construct the {@link STSClient}
 */
public static void setupWsseAndSTSClientHolderOfKey(BindingProvider proxy, Bus bus) {
    final Map<String, Object> requestContext = proxy.getRequestContext();
    final STSClient sts = new STSClient(bus);

    // One classpath resource backs every crypto setting. getResource returns null
    // when it is missing, and this method stores that value unchecked.
    final String keystoreProps = "META-INF/clientKeystore.properties";
    final ClassLoader tccl = Thread.currentThread().getContextClassLoader();

    // Settings for the exchange with the target service.
    requestContext.put(SecurityConstants.CALLBACK_HANDLER, new ClientCallbackHandler());
    requestContext.put(SecurityConstants.SIGNATURE_PROPERTIES, tccl.getResource(keystoreProps));
    requestContext.put(SecurityConstants.ENCRYPT_PROPERTIES, tccl.getResource(keystoreProps));
    requestContext.put(SecurityConstants.SIGNATURE_USERNAME, "myclientkey");
    requestContext.put(SecurityConstants.ENCRYPT_USERNAME, "myservicekey");

    // Settings keyed with the issued-token suffix.
    // NOTE(review): presumably these are the ones applied to the STS call; confirm
    // against appendIssuedTokenSuffix, which is defined outside this listing.
    requestContext.put(appendIssuedTokenSuffix(SecurityConstants.USERNAME), "alice");
    requestContext.put(appendIssuedTokenSuffix(SecurityConstants.CALLBACK_HANDLER), new ClientCallbackHandler());
    requestContext.put(appendIssuedTokenSuffix(SecurityConstants.ENCRYPT_PROPERTIES), tccl.getResource(keystoreProps));
    requestContext.put(appendIssuedTokenSuffix(SecurityConstants.ENCRYPT_USERNAME), "mystskey");
    requestContext.put(appendIssuedTokenSuffix(SecurityConstants.STS_TOKEN_USERNAME), "myclientkey");
    requestContext.put(appendIssuedTokenSuffix(SecurityConstants.STS_TOKEN_PROPERTIES), tccl.getResource(keystoreProps));
    requestContext.put(appendIssuedTokenSuffix(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO), "true");

    requestContext.put(SecurityConstants.STS_CLIENT, sts);
}
Also used : STSClient(org.apache.cxf.ws.security.trust.STSClient) ClientCallbackHandler(org.jboss.as.test.integration.ws.wsse.trust.shared.ClientCallbackHandler)

Example 8 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project ddf by codice.

the class AbstractStsRealm method configureStsClient.

/**
 * Assembles the STS client used by this realm.
 *
 * <p>Starts from {@code configureBaseStsClient()}, applies {@code addStsProperties},
 * then sets the claims element from {@code createClaimsElement()}. When debug logging
 * is enabled the resulting configuration is passed to {@code logStsClientConfiguration}.
 *
 * @return the configured STS client
 */
protected STSClient configureStsClient() {
    LOGGER.debug("Configuring the STS client.");

    final STSClient client = configureBaseStsClient();
    addStsProperties(client);
    setClaimsOnStsClient(client, createClaimsElement());

    // NOTE(review): logStsClientConfiguration is outside this listing; confirm it
    // does not write keystore passwords or other secrets to the debug log.
    final boolean debugEnabled = LOGGER.isDebugEnabled();
    if (debugEnabled) {
        logStsClientConfiguration(client);
    }
    return client;
}
Also used : STSClient(org.apache.cxf.ws.security.trust.STSClient)

Example 9 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project ddf by codice.

the class SecureProxyServiceFactoryImpl method configureSTSClient.

/**
 * Builds an {@link STSClient} on the given bus from the values held in
 * {@code stsClientConfig}.
 *
 * <p>When the configured STS address is null or empty nothing is set on the client,
 * yet the bare instance is still returned; only a debug message records the fact.
 *
 * @param bus CXF bus to initialize the STSClient with
 * @return the new STSClient, configured only when an STS address is present
 */
protected STSClient configureSTSClient(Bus bus) {
    LOGGER.debug("Configuring STS client...");
    final String wsdlLocation = stsClientConfig.getAddress();
    final String serviceName = stsClientConfig.getServiceName();
    final String endpointName = stsClientConfig.getEndpointName();
    final String signaturePath = stsClientConfig.getSignatureProperties();
    final String encryptionPath = stsClientConfig.getEncryptionProperties();
    final String tokenPath = stsClientConfig.getTokenProperties();
    final STSClient client = new STSClient(bus);

    if (wsdlLocation == null || wsdlLocation.isEmpty()) {
        // NOTE(review): the caller receives an STSClient with no WSDL location or
        // crypto settings and gets no signal other than this debug line.
        LOGGER.debug("STS address is null, unable to create STS Client");
        LOGGER.debug("Done configuring STS client");
        return client;
    }

    LOGGER.debug("Setting WSDL location on STSClient: {}", wsdlLocation);
    client.setWsdlLocation(wsdlLocation);
    LOGGER.debug("Setting service name on STSClient: {}", serviceName);
    client.setServiceName(serviceName);
    LOGGER.debug("Setting endpoint name on STSClient: {}", endpointName);
    client.setEndpointName(endpointName);
    LOGGER.debug("Setting addressing namespace on STSClient: {}", ADDRESSING_NAMESPACE);
    client.setAddressingNamespace(ADDRESSING_NAMESPACE);

    // Each crypto properties file is optional; a null or empty path is skipped.
    // Only the path is logged, never the loaded Properties, which presumably hold
    // keystore locations and passwords (verify against PropertiesLoader).
    final Map<String, Object> settings = new HashMap<>();
    final boolean hasSignaturePath = signaturePath != null && !signaturePath.isEmpty();
    final boolean hasEncryptionPath = encryptionPath != null && !encryptionPath.isEmpty();
    final boolean hasTokenPath = tokenPath != null && !tokenPath.isEmpty();

    if (hasSignaturePath) {
        LOGGER.debug("Setting signature properties on STSClient: {}", signaturePath);
        settings.put(SecurityConstants.SIGNATURE_PROPERTIES, PropertiesLoader.loadProperties(signaturePath));
    }
    if (hasEncryptionPath) {
        LOGGER.debug("Setting encryption properties on STSClient: {}", encryptionPath);
        settings.put(SecurityConstants.ENCRYPT_PROPERTIES, PropertiesLoader.loadProperties(encryptionPath));
    }
    if (hasTokenPath) {
        LOGGER.debug("Setting sts properties on STSClient: {}", tokenPath);
        settings.put(SecurityConstants.STS_TOKEN_PROPERTIES, PropertiesLoader.loadProperties(tokenPath));
    }

    final String enabled = Boolean.TRUE.toString();
    LOGGER.debug("Setting STS TOKEN USE CERT FOR KEY INFO to \"true\"");
    settings.put(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO, enabled);
    // Going by the constant's name, this stops the client from issuing a
    // WS-MetadataExchange call to an address taken from an endpoint reference.
    settings.put(SecurityConstants.DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS, enabled);
    client.setProperties(settings);

    LOGGER.debug("Done configuring STS client");
    return client;
}
Also used : STSClient(org.apache.cxf.ws.security.trust.STSClient) HashMap(java.util.HashMap) Properties(java.util.Properties)

Example 10 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project ddf by codice.

the class SecureProxyServiceFactoryImpl method configureProxyFactoryProperties.

/**
 * Applies endpoint details and WS-Security properties to a {@code JaxWsProxyFactoryBean}.
 *
 * <p>Nothing is changed on the factory when {@code wsp.endpointAddress} is null.
 * Otherwise the factory gets the WSDL URL, address, service name, endpoint name and
 * service class from {@code wsp}, plus a property map holding an STS client, the
 * incoming token when present, and whichever crypto properties files are configured
 * in {@code stsClientConfig}.
 *
 * @param clientFactory factory to configure; its bus is used for the STS client,
 *        falling back to the CXF thread default bus when it has none
 * @param token token to forward; skipped when it or its {@code getToken()} is null
 * @param wsp endpoint description read for address, WSDL URL, names and service class
 */
protected void configureProxyFactoryProperties(JaxWsProxyFactoryBean clientFactory, SecurityToken token, WebServiceProperties wsp) {
    final String signaturePath = stsClientConfig.getSignatureProperties();
    final String encryptionPath = stsClientConfig.getEncryptionProperties();
    final String tokenPath = stsClientConfig.getTokenProperties();
    LOGGER.debug("Configuring proxy factory properties");

    if (wsp.endpointAddress == null) {
        LOGGER.debug("Finished configuring proxy factory properties");
        return;
    }

    LOGGER.debug("Configuring JaxWsProxyFactoryBean");
    Bus activeBus = clientFactory.getBus();
    if (activeBus == null) {
        LOGGER.debug("Getting CXF thread default bus.");
        activeBus = BusFactory.getThreadDefaultBus();
    }
    clientFactory.setWsdlURL(wsp.endpointWsdlURL);
    clientFactory.setAddress(wsp.endpointAddress);
    clientFactory.setServiceName(wsp.serviceName);
    clientFactory.setEndpointName(wsp.endpointName);
    clientFactory.setServiceClass(wsp.serviceClass);

    LOGGER.debug("Configuring STS Client");
    final HashMap<String, Object> settings = new HashMap<>();
    // configureSTSClient returns an unconfigured client when no STS address is
    // set; it is stored here either way.
    final STSClient sts = configureSTSClient(activeBus);
    LOGGER.debug("Setting STSClient");
    settings.put(SecurityConstants.STS_CLIENT, sts);

    // The incoming token is handed to the outgoing client as-is; the log line
    // records the event only, not the token contents.
    final boolean hasIncomingToken = token != null && token.getToken() != null;
    if (hasIncomingToken) {
        LOGGER.debug("Setting incoming SAML assertion to outgoing federated client");
        settings.put(SecurityConstants.TOKEN, token);
    }

    // Optional crypto properties files: a null or empty path is skipped, and only
    // the path is logged, never the loaded Properties.
    if (signaturePath != null && !signaturePath.isEmpty()) {
        LOGGER.debug("Setting signature properties: {}", signaturePath);
        settings.put(SecurityConstants.SIGNATURE_PROPERTIES, PropertiesLoader.loadProperties(signaturePath));
    }
    if (tokenPath != null && !tokenPath.isEmpty()) {
        LOGGER.debug("Setting sts properties: {}", tokenPath);
        settings.put(SecurityConstants.STS_TOKEN_PROPERTIES, PropertiesLoader.loadProperties(tokenPath));
    }
    if (encryptionPath != null && !encryptionPath.isEmpty()) {
        LOGGER.debug("Setting encryption properties: {}", encryptionPath);
        settings.put(SecurityConstants.ENCRYPT_PROPERTIES, PropertiesLoader.loadProperties(encryptionPath));
    }

    // Going by the constant's name, this stops the STS client from issuing a
    // WS-MetadataExchange call to an address taken from an endpoint reference.
    settings.put(SecurityConstants.DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS, Boolean.TRUE.toString());
    clientFactory.setProperties(settings);

    LOGGER.debug("Finished configuring proxy factory properties");
}
Also used : Bus(org.apache.cxf.Bus) STSClient(org.apache.cxf.ws.security.trust.STSClient) HashMap(java.util.HashMap) Properties(java.util.Properties)

Aggregations

STSClient (org.apache.cxf.ws.security.trust.STSClient)19 ClientCallbackHandler (org.jboss.as.test.integration.ws.wsse.trust.shared.ClientCallbackHandler)5 HashMap (java.util.HashMap)4 WSSecurityException (org.apache.ws.security.WSSecurityException)4 BindingProvider (javax.xml.ws.BindingProvider)3 Bus (org.apache.cxf.Bus)3 BusException (org.apache.cxf.BusException)3 EndpointException (org.apache.cxf.endpoint.EndpointException)3 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)3 TrustException (org.apache.cxf.ws.security.trust.TrustException)3 MalformedURLException (java.net.MalformedURLException)2 URL (java.net.URL)2 Properties (java.util.Properties)2 WebService (javax.jws.WebService)2 QName (javax.xml.namespace.QName)2 XMLStreamException (javax.xml.stream.XMLStreamException)2 Service (javax.xml.ws.Service)2 AuthenticationException (org.apache.shiro.authc.AuthenticationException)2 ServiceIface (org.jboss.as.test.integration.ws.wsse.trust.service.ServiceIface)2 UsernameTokenCallbackHandler (org.jboss.as.test.integration.ws.wsse.trust.shared.UsernameTokenCallbackHandler)2